Security, Privacy Cryptography
Enterprise IT is not structured to have the time and money to invest in far-reaching and forward-looking security threats and solutions. Academic and government research in these areas thrive, but does not easily find its way into industry. Red Hat’s open source approach allows researchers to share their work immediately and have it reviewed by thousands of security experts. This review further hardens the work and allows it to be put to use more quickly and more broadly so research and inventions in cryptography, privacy and cybersecurity have immediate impact.
Projects
| Project | Summary | Research Area | RIG | Universities | hf:tax:rig | hf:tax:partner_university |
|---|---|---|---|---|---|---|
| Mass Open Cloud (MOC): An open, distributed platform enabling AI/ML workloads | Red Hat has for many years participated in and supported the Mass Open Cloud Alliance (MOC-A). With the rising importance … | AI-ML, Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography | Boston University, Harvard University | boston-university harvard-university | ||
| HySe – Hypervisor Security through Component-Wise Fuzzing | The security of the entire cloud ecosystem crucially depends on the isolation guarantees that hypervisors provide between guest VMs and … | Security, Privacy, Cryptography | Boston University | boston-university | ||
| CoFHE: Compiler for Fully Homomorphic Encryption | In today’s data-driven world, our personal data is frequently shared with enterprises and cloud service providers. Unfortunately, data processing in … | Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography | Boston University | boston-university | ||
| QUBIP – Quantum-oriented Update to Browsers and Infrastructures for the PQ Transition | The exciting frontiers opened by the development of quantum computers (QC) come at the cost of breaking the foundations of … | Security, Privacy, Cryptography | Europe | brno | ||
| CHESS: Cyber-security Excellence Hub in Estonia and South Moravia | The Cyber-security Excellence Hub in Estonia and South Moravia (CHESS) brings together leading R&I institutions in both regions to build … | Security, Privacy, Cryptography | Europe | Brno University of Technology, Masaryk University | brno | brno-university-of-technology masaryk-university |
| Common Vulnerabilities and Exposures (CVE) mining and prediction | With the continuous increase in reported Common Vulnerabilities and Exposures (CVEs), security teams are overwhelmed by vast amounts of data, … | AI-ML, Security, Privacy, Cryptography | Israel | Reichman University, Tel Aviv University | tel-aviv | reichman-university tel-aviv-university |
| FHELib: Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing | Note: Please visit the Privacy-Preserving Cloud Computing using Homomorphic Encryption project page for information on a related project. In today’s … | Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography | North America | Boston University | greater-boston | boston-university |
| DDoS Attacks on Cloud Auto-scaling Mechanisms | Auto-scaling mechanisms are an important line of defense against distributed denial of service (DDoS) attacks in the cloud. Using auto-scaling, … | Cloud-DS, Security, Privacy, Cryptography | Israel | Reichman University, Tel Aviv University | tel-aviv | reichman-university tel-aviv-university |
| Security and safety of Linux systems in a BPF-powered hybrid user space/kernel world | With the introduction of BPF into the Linux kernel, we are seeing a sea change in the traditional application model. With BPF it is now possible to execute parts of the application logic in kernel space, leading to a novel hybrid userspace/kernel model. This is an exciting development that brings with it many opportunities, but also some challenges especially in the area of security. We have recently seen an example of this around the “kernel lockdown” functionality in the kernel, which would disable BPF entirely in its “confidentiality” mode. | Hardware and the OS, Security, Privacy, Cryptography | Europe | Karlstad University | brno | karlstad-university |
| ICOS: IoT2Cloud Operating System | The ICOS project aims at covering the set of challenges coming up when addressing this continuum paradigm, proposing an approach embedding a well-defined set of functionalities, ending up in the definition of an IoT2cloud Operating System (ICOS). | AI-ML, Cloud-DS, Security, Privacy, Cryptography | Europe, Israel | National and Kapodistrian University of Athens, Technische Universitãt Braunschweig, Universitat Politécnica de Catalunya (UPC) | brno tel-aviv | national-and-kapodistrian-university-of-athens technische-universitat-braunschweig universitat-politecnica-de-catalunya-upc |
| SnappyOS: Fault-Tolerant and Energy-Efficient Framework for HPC Applications | This project aims to design, implement and evaluate a system to enhance the security and privacy of emerging satellite communications infrastructure using in-network computing and software-defined networking. | Security, Privacy, Cryptography | Europe | University of Oxford | brno | university-of-oxford |
| Disinformation Detection at Scale | The increased prevalence of fake and manipulated visual media on the Internet has led to social and technical dilemmas in … | AI-ML, Security, Privacy, Cryptography | North America | UNICAMP - Universidade Estadual de Campinas, University of Notre Dame | greater-boston | unicamp-universidade-estadual-de-campinas university-of-notre-dame |
| Creating a global open research platform to better understand social sustainability using data from a real-life smart village | A BU team is working with SmartaByar and the Red Hat Social Innovation Program in order to create a global … | AI-ML, Cloud-DS, Security, Privacy, Cryptography | North America | Boston University | greater-boston | boston-university |
| Privacy-Preserving Cloud Computing using Homomorphic Encryption | Note: Please visit the FHELib: Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing project page for information on a related … | Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography | North America | Boston University | greater-boston | boston-university |
| Symbiotes: A New step in Linux’s Evolution | This work explores how a new kind of software entity, a symbiotie, might bridge this gap. By adding the ability for application software to shed the boundary that separates it from the OS kernel it is free to integrate, modify and evolve in to a hybrid that is both application and OS. | Hardware and the OS, Security, Privacy, Cryptography | North America | Boston University | greater-boston | boston-university |
| Secure cross-site analytics on OpenShift logs | The project aims to explore whether cryptographically secure Multi-Party Computation, or MPC for short, can be used to perform secure cross-site analytics on OpenShift logs with minimum client participation. | Cloud-DS, Security, Privacy, Cryptography, Testing and Ops | North America | Boston University | greater-boston | boston-university |
| Are Adversarial Attacks a Viable Solution to Individual Privacy? | Users of online services today must trust platforms with their personal data. Platforms can choose to enable privacy by default … | Security, Privacy, Cryptography | North America | Boston University | greater-boston | boston-university |
| Secured API in Hybrid Cloud | Recently we see many companies that are moving their data from local data centers to public-managed clouds. But with these movements, some questions raise up. | Security, Privacy, Cryptography | Israel | Ariel University | tel-aviv | ariel-university |
| Side-channel attacks on embedded devices and smartcards | This project focuses on several aspects of side-channel attacks on embedded devices and smartcards, utilizing timing, power-analysis and other side-channels. … | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Sec-certs: Mining issued Common Criteria and FIPS140-2 certificates | The security certification reports might be long but is also a trove of publicly available data about otherwise proprietary devices … | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Verifying constant-time cryptographic algorithm implementations | The aim of this project is to verify the timing side-channel resistance of cryptographic implementations. The project focuses on the constant time (and constant memory access) generic cryptographic implementations of selected cryptographic algorithms. T | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Trusted Computing Ecosystem | The project aims to study the TPM ecosystem as currently exists in deployed devices and software applications using it, establish the types of chips and their properties one can encounter, investigate the state of patching of known vulnerabilities like ROCA against Infineon’s TPM (CVE-2017-15361) or TPMFail against Intel’s fTPM (CVE-2019-11090) and STM’s TPM (CVE-2019-16863) and analyze a reliability of stored integrity measurements (PCRs) for remote attestation and disk encryption uses. | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Accelerating Microarchitectural Security Research | We are working on processes and tooling to lower the barrier to entry into the field and accelerate attack research and mitigation across academia and industry. | Security, Privacy, Cryptography | Europe | Graz University of Technology | brno | tu-graz |
| Authentication in public open-source repositories | This project focuses on user authentication in public repositories containing open-source projects, which are then used by commercial companies (e.g. Red Hat) as a source for their internally maintained repositories. | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Elastic Secure Infrastructure | This project encompasses work in several areas to design, build and evaluate secure bare-metal elastic infrastructure for data centers. | Cloud-DS, Security, Privacy, Cryptography, Testing and Ops | North America | Boston University | greater-boston | boston-university |
| Open Cloud Testbed | The Open Cloud Testbed project will build and support a testbed for research and experimentation into new cloud platforms – the underlying software which provides cloud services to applications. Testbeds such as OCT are critical for enabling research into new cloud technologies – research that requires experiments which potentially change the operation of the cloud itself. | AI-ML, Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography, Testing and Ops | North America | Boston University, Northeastern University, UMass Amherst | greater-boston | boston-university northeastern-university umass-amherst |
| Usable Security for Developers | This project focuses on the cryptographic APIs with respect to their developer usability. Such APIs are notoriously complex and prone to usage errors – our goal is to analyze their (in)correct usage and propose precautions and guidelines to achieve better usability and security. | Security, Privacy, Cryptography | Europe | Masaryk University | brno | masaryk-university |
| Fuzzing Device Emulation in QEMU | Hypervisors—the software that allows a computer to simulate multiple virtual computers—form the backbone of cloud computing. Because they are both ubiquitous and essential, they are security-critical applications that make attractive targets for potential attackers. | Hardware and the OS, Security, Privacy, Cryptography, Testing and Ops | North America | Boston University | greater-boston | boston-university |